﻿<?php require_once("includes/session.php"); ?>
<?php require_once("includes/connection.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php
	
	if (logged_in()) {
		redirect_to("client.php");
	}

	//include_once("includes/form_functions.php");
	
	// START FORM PROCESSING
	if (isset($_POST['submit'])) { // Form has been submitted.
		$errors = array();

		// perform validations on the form data
		// $required_fields = array('username', 'password');
		// $errors = array_merge($errors, check_required_fields($required_fields, $_POST));

		// $fields_with_lengths = array('username' => 30, 'password' => 30);
		// $errors = array_merge($errors, check_max_field_lengths($fields_with_lengths, $_POST));

		$username = trim(mysql_prep($_POST['username']));
		$password = trim(mysql_prep($_POST['password']));
		$hashed_password = sha1($password);
		
		
		if ( empty($errors) ) {
			// Check database to see if username and the hashed password exist there.
			$query = "SELECT * ";
			$query .= "FROM `vartotojas`,`personalas` ";
			$query .= "WHERE `vartotojas`.vartvardas = '{$username}' ";
			$query .= "AND `vartotojas`.password = '{$hashed_password}' ";
			$query .= "AND `vartotojas`.`personalasid` = `personalas`.`personalasid` ";
			$query .= "LIMIT 1";
			$result_set = mysql_query($query);
			confirm_query($result_set);
			if (mysql_num_rows($result_set) == 1) {
				// username/password authenticated
				// and only 1 match
				echo "Gay power";
				$found_user = mysql_fetch_array($result_set);
				//print_r ($found_user);
				$_SESSION['vartotojasid'] = $found_user['vartotojasid'];
				$_SESSION['password'] = "eat shit";
				 $_SESSION['vardas'] = $found_user['vardas'];
				 $_SESSION['pavarde'] = $found_user['pavarde'];
				//print_r ($_SESSION);
				redirect_to("client.php");
			} else {
				// username/password combo was not found in the database
				$message = "Neteisingas vartotojo vardas ir/ar slaptažodis.<br />
					Bandykite dar kartą.";
			}
		} else {
			if (count($errors) == 1) {
				$message = "There was 1 error in the form.";
			} else {
				$message = "There were " . count($errors) . " errors in the form.";
			}
		}
		
	} else { // Form has not been submitted.
		if (isset($_GET['logout']) && $_GET['logout'] == 1) {
			$message = "Sveikiname atsijungus.<br>Linksmo savaitgalio.";
		 
		$username = "";
		$password = "";}
	}
?>

<html>
	<head>
		<title>Login</title>
		
		<script>
		function capLock(e){
 kc = e.keyCode?e.keyCode:e.which;
 sk = e.shiftKey?e.shiftKey:((kc == 16)?true:false);
 if(((kc >= 65 && kc <= 90) && !sk)||((kc >= 97 && kc <= 122) && sk))
  document.getElementById('divMayus').style.visibility = 'visible';
 else
  document.getElementById('divMayus').style.visibility = 'hidden';
}
		</script>
	</head>
	<body>
	

	<table align="center" id="structure">
	<tr>
		
		<td align="center" id="page">
			<h2>Prisijungimas</h2>
			<?php if (!empty($message)) {echo "<p class=\"message\">" . $message . "</p>";} ?>
			<?php if (!empty($errors)) { display_errors($errors); } ?>
			<form action="index.php" method="post" >
			<table>
				<tr>
					<td>Vartotojas:</td>
					<td><input type="text" name="username" maxlength="30" value="<?php echo htmlentities($username); ?>" /></td>
				</tr>
				<tr>
					<td>Slaptažodis:</td>
					<td><input type="password" name="password" onkeypress="capLock(event)" maxlength="30" value="<?php echo htmlentities($password); ?>" /></td>
				</tr>
				<tr>
					<td align="center" colspan="2"><div id="divMayus" style="visibility:hidden; font-weight:bold; color:red; background-color:#efff79; border:1px solid #333; border-radius:5px">Caps Lock is on.</div></td>
				</tr><tr>
					<td align="center" colspan="2"><input type="submit" name="submit" value="Prisijungti" /></td>
				</tr>
			</table>
			</form>
		</td>
	</tr>
</table>
	</body>
</html>